ERROR: One or more PGP signatures could not be verified!

Since I had to look this up too many times already, I thought I better write a quick blog post on how to resolve this, so I won’t need to dig in this thread anymore.

If you ever encounter the following error during makepkg, most prominent in the cower package, which is a dependency of the popular AUR helper pacaur.

==> Verifying source file signatures with gpg...
 cower-17.tar.gz ... FAILED (unknown public key 1EB2638FF56C0C53)
==> ERROR: One or more PGP signatures could not be verified!
:: failed to verify cower integrity

The solution here is not to add the key in pacman-key, but with gpg, like this

$ gpg --recv-keys 1EB2638FF56C0C53
gpg: key 1EB2638FF56C0C53: public key "Dave Reisner <d@falconindy.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1

Have fun in the AUR and don’t forget to contribute.

Advertisements